FC: FBI reportedly creating "Magic Lantern" anti-crypto virus

From: Declan McCullagh (declanat_private)
Date: Tue Nov 20 2001 - 21:42:50 PST

  • Next message: Declan McCullagh: "FC: Events: Copyright in LA on 11/29; privacy in DC on 11/26"

    [This has been talked about in tech circles for years; it's hardly 
    suprising that the FBI would finally get around to creating such a beastie. 
    Perhaps an enterprising netrepreneur will take the next step: Creating a 
    "Secure PC" that would be proof against such an attack. Perhaps it would 
    run a better OS than Windows (just about any would do) where programs have 
    privileges, boot from fixed media like a CDROM that would require a 
    physical break-in to alter, require a private key embedded in a keychain 
    plugged in through a USB port to unlock the hard drive partitions where 
    application data are stored, use a flatscreen monitor and certain default 
    typefaces to limit TEMPEST emissions, include an Ethernet/serial port 
    monitor that would try to detect suspicious outgoing packets, compute 
    checksums every night on all executable and other relevant files, feature 
    tamper-proof hardware that would leave a physical or virtual mark if opened 
    by an intruder, be protected by a motion-activated videocam streaming 
    images of intruders to secure offshore websites, and so on. Dedicated 
    hardware that could not be accessed remotely could be hooked up to the SCSI 
    chain and scan key files nightly for the same MD5 checksum as the night 
    before. Or instead of a keychain, your crypto-key could be kept in your 
    Palm, which through a serial link also could be used to offload crypto 
    processing on hardware that's unlikely to be compromised. It's an 
    interesting dual trend and arms race: Police turning to software to snoop 
    on alleged miscreants, while counter-techniques are developing apace. My 
    money's on the defense. --Declan]
    From: "Geoff Gariepy" <geoff_gariepyat_private>
    To: <declanat_private>
    Subject: FBI software cracks encryption wall
    Date: Tue, 20 Nov 2001 14:24:21 -0500
    FBI software cracks encryption wall
    'Magic Lantern' part of new 'Enhanced Carnivore Project'
    By Bob Sullivan
    Nov. 20 - The FBI is developing software capable of inserting a computer
    virus onto a suspect's machine and obtaining encryption keys, a source
    familiar with the project told MSNBC.com. The software, known as "Magic
    Lantern," enables agents to read data that had been scrambled, a tactic
    often employed by criminals to hide information and evade law enforcement.
           MAGIC LANTERN installs so-called "keylogging" software on a suspect's
    machine that is capable of capturing keystrokes typed on a computer. By
    tracking exactly what a suspect types, critical encryption key information
    can be gathered, and then transmitted back to the FBI, according to the
    source, who requested anonymity.
            The virus can be sent to the suspect via e-mail - perhaps sent for
    the FBI by a trusted friend or relative. The FBI can also use common
    vulnerabilities to break into a suspect's computer and insert Magic Lantern,
    the source said.
    POLITECH -- Declan McCullagh's politics and technology mailing list
    You may redistribute this message freely if you include this notice.
    Declan McCullagh's photographs are at http://www.mccullagh.org/
    To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
    This message is archived at http://www.politechbot.com/

    This archive was generated by hypermail 2b30 : Tue Nov 20 2001 - 22:04:24 PST